Dumb question

Dumb question

[V Kurien]

Hi all
I'm trying to use ulogd2 to count flows and so I assume that I have to
create iptable rules to match the traffic that I care about.

Based on reading on the web, it seemed that I'd have to (this is on a
stock ubuntu-16.04 with a 4.4 kernel)

Assume that I want to match all TCP packets heading into the host;

(1) Create an iptables rule: iptables -A INPUT -p TCP  -j ULOG --ulog-nlgroup 1
(2) My ulogd.conf looks like:
.. all plugins included

stack=ct1:NFCT,ip2str1:IP2STR,print1:PRINTFLOW,emu1:LOGEMU

I get an error when I try to run the iptables command:

iptables: No chain/target/match by that name.

Clearly I am doing something insane, but what?

Re: Dumb question

[V Kurien]

Please ignore this. The kernel on the machine had been changed from
the generic kernel.

On Thu, Mar 9, 2017 at 8:35 PM, V Kurien <kurien.varugis@gmail.com> wrote:
> Hi all
> I'm trying to use ulogd2 to count flows and so I assume that I have to
> create iptable rules to match the traffic that I care about.
>
> Based on reading on the web, it seemed that I'd have to (this is on a
> stock ubuntu-16.04 with a 4.4 kernel)
>
> Assume that I want to match all TCP packets heading into the host;
>
> (1) Create an iptables rule: iptables -A INPUT -p TCP  -j ULOG --ulog-nlgroup 1
> (2) My ulogd.conf looks like:
> .. all plugins included
>
> stack=ct1:NFCT,ip2str1:IP2STR,print1:PRINTFLOW,emu1:LOGEMU
>
> I get an error when I try to run the iptables command:
>
> iptables: No chain/target/match by that name.
>
> Clearly I am doing something insane, but what?

Re: Dumb Question

[Randy.Dunlap]

On Fri, 11 Aug 2006 12:04:18 +0200 Jesper Juhl wrote:

> On 11/08/06, Marc Perkel <marc@perkel.com> wrote:
> [...]
> > and how do I apply the patch?
> 
> Please read Documentation/applying-patches.txt in the kernel source
> dir after extracting the tarball.

For a non-web interface, you can use 'ketchup'.
See http://www.selenic.com/ketchup/wiki/

---
~Randy
PS: clearly for Mark (not Jesper)

Re: Dumb Question

[Jiri Slaby]

Jan Engelhardt wrote:
>>>> I figured it out - however - the files to download to compile the
>>>> kernel should be accessible from the front page of the web site.
>>> They are - http://kernel.org/ right on the front. (Click either 2.6.17.8
>>> or "F", depending on what you need).
>>>
>> But that doesn't let me compile 2.6.18.

Nothing on the world let you compile 2.6.18, it wasn't released yet ;).

> Get a compiler? (And the "F" file.)
> 
>> And the patch can't be applied to the 2.6.17.8 kernel.

See
Documentation/applying-patches.txt
in linux source directory (and other userful docs there -- 00-INDEX and HOWTO as 
a beginning)

regards.
-- 
<a href="http://www.fi.muni.cz/~xslaby/">Jiri Slaby</a>
faculty of informatics, masaryk university, brno, cz
e-mail: jirislaby gmail com, gpg pubkey fingerprint:
B674 9967 0407 CE62 ACC8  22A0 32CC 55C3 39D4 7A7E

Re: Dumb Question

[Jesper Juhl]

On 11/08/06, Marc Perkel <marc@perkel.com> wrote:
[...]
> and how do I apply the patch?

Please read Documentation/applying-patches.txt in the kernel source
dir after extracting the tarball.

-- 
Jesper Juhl <jesper.juhl@gmail.com>
Don't top-post  http://www.catb.org/~esr/jargon/html/T/top-post.html
Plain text mails only, please      http://www.expita.com/nomime.html

Re: Dumb Question

[Jan Engelhardt]

>>> I figured it out - however - the files to download to compile the
>>> kernel should be accessible from the front page of the web site.
>> 
>> They are - http://kernel.org/ right on the front. (Click either 2.6.17.8
>> or "F", depending on what you need).
>> 
>
> But that doesn't let me compile 2.6.18.

Get a compiler? (And the "F" file.)

> And the patch can't be applied to the 2.6.17.8 kernel.

No, but to the 2.6.17 one. If you want 17.7->17.8, you need the incr one. 
Well, which is missing from the frontpage, right.


Jan Engelhardt
-- 

Re: Dumb Question

[Jan Engelhardt]

>> OK - so if I want to download the latest kerkel and compile it - what
>> files do I need to download and how do I apply the patch?
>
> I figured it out - however - the files to download to compile the kernel should
> be accessible from the front page of the web site.

They are - http://kernel.org/ right on the front. (Click either 2.6.17.8 or 
"F", depending on what you need).


Jan Engelhardt
-- 

Re: Dumb Question

[Marc Perkel]

Marc Perkel wrote:
> OK - so if I want to download the latest kerkel and compile it - what 
> files do I need to download and how do I apply the patch?
>

I figured it out - however - the files to download to compile the kernel 
should be accessible from the front page of the web site.

Re: Dumb Question

[Josef Sipek]

On Thu, Aug 10, 2006 at 08:54:50PM -0700, Marc Perkel wrote:
> OK - so if I want to download the latest kerkel and compile it - what 
> files do I need to download and how do I apply the patch?

I'd suggest starting over at kernelnewbies [1]. They have a lot of how to
get started info.

Josef "Jeff" Sipek.

[1] kernelnewbies.org

-- 
NT is to UNIX what a doughnut is to a particle accelerator.

Dumb Question

[Marc Perkel]

OK - so if I want to download the latest kerkel and compile it - what 
files do I need to download and how do I apply the patch?

Re: Dumb question

[Mike]

What does your rc.firewall script look like, and why would you need to
restart your server?

Are you not able to just execute /etc/rc.d/rc.firewall and have it
reload the firewall?

Thanks

Mike

Facundo Barrera wrote:
> Hi list:
>         I'm using iptables on slackware, everytime i update a rule on
> my rc.firewall script i have to reboot my server....SO LAMMER!!!
> how can i update my iptables rules without rebooting the OS?
> 
> Many thanks.
> 

Dumb question

[Facundo Barrera]

Hi list:
         I'm using iptables on slackware, everytime i update a rule on
my rc.firewall script i have to reboot my server....SO LAMMER!!!
how can i update my iptables rules without rebooting the OS?

Many thanks.

-- 
Facundo Agustin Barrera
IT Management.
Buenos Aires - Argentina.

Re: Dumb question

[Alasdair G Kergon]

On Mon, Apr 11, 2005 at 03:01:40PM -0400, Daniel Phillips wrote:
> Here is a dumb question:  Why does dmsetup use (start, length) for each 
> target line instead of just (length)?  

We decided to require this:
  (a) to make the tables more readable in their raw form
  (b) as additional validation against bugs

> Is it useful to leave some parts 
> of a virtual device unmapped, and if so, why not require them to be 
> mapped explicitly to zero or error?
 
They must be.  Each line has to start where the previous one
ended or you are supposed to get an error.

Alasdair
-- 
agk@redhat.com

Dumb question

[Daniel Phillips]

Hi guys,

Here is a dumb question:  Why does dmsetup use (start, length) for each 
target line instead of just (length)?  Is it useful to leave some parts 
of a virtual device unmapped, and if so, why not require them to be 
mapped explicitly to zero or error?

Regards,

Daniel

Re: Dumb question

[Robin Lynn Frank]

[-- Attachment #1: Type: text/plain, Size: 390 bytes --]

On Thu, 2004-08-26 at 17:52, David Cary Hart wrote:
> > 
> I use TARPIT. It is available in the latest POM which you can download.
> You need the IPTables source code and the source for your kernel which
> well then have to be recompiled. Make CERTAIN that you are not running
> conntrack with TARPIT. 
> 
Thanks.
-- 
Robin Lynn Frank
Director of Operations
Paradigm-Omega, LLC

[-- Attachment #2: This is a digitally signed message part --]
[-- Type: application/pgp-signature, Size: 233 bytes --]

Re: Dumb question

[David Cary Hart]

On Thu, 2004-08-26 at 20:48, Robin Lynn Frank wrote:
> Apologies if this is a dumb question but I am new to manipulating
> iptables directly.  There is a pest that has been routinely probing us. 
> While we simply drop them, I'd like to make it "uncomfortable" for them
> to continue.  When I attempt the following, I get the response
> indicated.  We are running Mandrake Linus 10.0 Official with a 2.6
> kernel.

I Frank.
> 
I use TARPIT. It is available in the latest POM which you can download.
You need the IPTables source code and the source for your kernel which
well then have to be recompiled. Make CERTAIN that you are not running
conntrack with TARPIT. 

> # /sbin/iptables -A INPUT -s ###.###.#.### -j TARPIT
> iptables: No chain/target/match by that name
> 
> Any help is appreciated.

Dumb question

[Robin Lynn Frank]

[-- Attachment #1: Type: text/plain, Size: 553 bytes --]

Apologies if this is a dumb question but I am new to manipulating
iptables directly.  There is a pest that has been routinely probing us. 
While we simply drop them, I'd like to make it "uncomfortable" for them
to continue.  When I attempt the following, I get the response
indicated.  We are running Mandrake Linus 10.0 Official with a 2.6
kernel.

# /sbin/iptables -A INPUT -s ###.###.#.### -j TARPIT
iptables: No chain/target/match by that name

Any help is appreciated.
-- 
Robin Lynn Frank
Director of Operations
Paradigm-Omega, LLC

[-- Attachment #2: This is a digitally signed message part --]
[-- Type: application/pgp-signature, Size: 233 bytes --]